Results 1 to 6 of 6
Thread: What do I do?
Hybrid View
-
02-05-2003, 08:43 PM #1Junior Guru
- Join Date
- Aug 2001
- Location
- Connecticut
- Posts
- 242
What do I do?
Here's the delemma.
For the past 2 weeks, i've been up and down days at a time with AtWebhost... I call, and they are like "well its because your server isnt patched" -- okay, $35, they work on it offline, and its back up... less than 16 hours later, im back down again, i terminal service in, and reboot... Back online for another 16 hours... I repeated this step over and over, until today, i called at like 11am, and got home at 7:30, and im still down. I call them again, they tell me im doing 15mb on the server, and my box is taking down the network because im doing DOS attacks ???
Now they tell me I need a firewall, anyone have any recommendations for a free firewall?
And whats the deal, am I getting screwed here?
-
02-05-2003, 08:52 PM #2Junior Guru Wannabe
- Join Date
- Nov 2002
- Posts
- 58
Someone is attacking you! You should try to figure out the IP and black list them.
-
02-06-2003, 10:49 AM #3Junior Guru
- Join Date
- Aug 2001
- Location
- Connecticut
- Posts
- 242
Here's the new delemma --- I called again and told them i'd be leaving atwebhost, and asked them to somehow turn back on my server so I could get my data. That was last night, and it has yet to be done.
What should my course of action be?
-
02-06-2003, 10:59 AM #4Web Hosting Master
- Join Date
- Nov 2001
- Posts
- 5,383
Do a netstat on the server to see what the origin of the attack and block them out using IPchains.
Clustered Hosting With Continuous Data Protection (CDP)
http://www.solidinternet.com
8 Years of hosting excellence!
-
02-06-2003, 11:13 AM #5Junior Guru
- Join Date
- Aug 2001
- Location
- Connecticut
- Posts
- 242
Im talking about getting my data back and away from Atwebhost
-
02-06-2003, 11:34 AM #6Web Hosting Master
- Join Date
- Dec 2002
- Posts
- 4,305
Whether you are with atwebhost or not you need to learn how to secure your box or this is going to happen again unless you pay someone to manage your server. It dosen't matter if you host your box at home or in a large datacenter. You have an open box, you're going to be owned.
Ask them to see if you can get onto the box and do a netstat. Find out what processes are running so this doesn't happen again.
A datacenter is going to be very reluctant to plug back in a box that has been hacked though, so you might be out of luck. That one box can take down other customers on their network. They're losing one customer here already... would it be smart to turn that server back on so that other servers go down on their network and they lose 20 more customers because of an unpatched box?
You do have backups right?
Free firewall
Bastille Linux
http://www.bastille-linux.orgwww.square-network.com www.squarenetwork.com
Now available in regular and dehyphenated.
May 2003 Member of the Month
Useless Community Liason Ever Since.